1. Technical Field
This invention relates generally to digital certificates issued by a certification authority, digital signatures, and public key cryptography, all of which are part of a security infrastructure for on-line transactions. More particularly, this invention relates to the cross-referencing of such digital certificates.
2. Background Art
As a result of the continuous development of new technologies, particularly in the areas of computer networks and communications, the use of large computer networks, such as the Internet, is becoming more widespread. This has resulted in an increase in electronic commerce and other electronic transactions conducted over these networks, with a corresponding need for security for these transactions.
Public key cryptography, as described in Bruce Schneier, Applied Cryptography (John Wiley and Sons, Inc., New York, 1996), is one technology addressing this need for security. A public key infrastructure (PKI) is based on assigning key pairs to entities. Each key pair includes a private key and a public key. Either key may be used to encrypt a message; the other key must be used to decrypt the message. The private key is securely held by the entity to which it is assigned; while the public key is made widely available.
The use of these key pairs addresses many of the inherent security problems in an open network such as the Internet. However, without more, two significant problems remain. First, parties must be able to access the public keys in an efficient manner. Second, since communications and transactions are secured by the key pairs and entities are associated with and in some sense identified by their public keys, there must be a secure method for third parties to verify that a certain public key corresponds to a certain entity.
Digital certificates are one method for addressing both of these problems. A trusted third party, commonly known as a certification authority or issuer, issues digital certificates to subscribers. Each digital certificate typically includes the subscriber""s public key along with other information about the subscriber. One purpose of the digital certificate is to document in a trustworthy manner that the public key is associated with the subscriber. In other words, the digital certificate xe2x80x9cbindsxe2x80x9d the subscriber to the public key. The trustworthiness is typically provided by having the issuer of the digital certificate xe2x80x9cdigitally signxe2x80x9d the certificate, thereby securing its contents against subsequent tampering. Third parties who wish to verify that a certain public key corresponds to a certain subscriber may do so by examining the corresponding digital certificate.
For security and other reasons, digital certificates typically are valid only for a limited period of time. For example, when digital certificates are issued, they typically have an expiration date after which they are no longer valid. Alternately, a digital certificate may be compromised prior to its expiration date, in which case, the issuer may actively revoke the digital certificate. In these and other cases, the subscriber must obtain a new digital certificate to replace the old digital certificate and, over any significant period of time, a subscriber will likely have had an entire series of digital certificates.
It is often desirable to be able to efficiently determine the relationship between two digital certificates, particularly if one digital certificate is a replacement for the other. For example, an on-line merchant may have accumulated significant amounts of information about a specific subscriber, who is identified primarily by his public key and the corresponding digital certificate. If this digital certificate is replaced by a new digital certificate, it would be desirable for the merchant to ascertain this so that he may associate the accumulated information with the new digital certificate.
Thus, there is a need for cross-referencing of digital certificates.
One aspect of the present invention is a computer readable medium (120) storing a first digital certificate (200). The first digital certificate (200) is issued by a first certification authority (104) to a first subscriber (102), binds the first subscriber (102) to a first public key (210), and is digitally signed by the first certification authority (104). The first digital certificate (200) includes subscriber information (206) pertaining to the first subscriber (102) and related certificate information (216) at least partially identifying a second digital certificate (200). The second digital certificate (200) is issued by a second certification authority (104) to a second subscriber (102), binds the second subscriber (102) to a second public key (210), and is digitally signed by the second certification authority (104). The first subscriber (102) is matched to the second subscriber (102).
Another aspect of the present invention is a method (400) for creating such a first digital certificate (200). A second digital certificate (200), the subscriber (102) of which matches the first subscriber (102), is identified (402). Subscriber information (206) pertaining to the first subscriber (102) and related certificate information (216) at least partially identifying the second digital certificate (200) are included (404) in the first digital certificate (200). The first digital certificate (200) is digitally signed by an issuer (104).
Another aspect of the invention is a method (600, 700) for processing such first digital certificates (200). The first digital certificate (200) is authenticated (602, 702). The first digital certificate (200) includes related certificate information (216) at least partially identifying a second digital certificate (200) with a matching subscriber. Based on this related certificate information (216), a status of the second digital certificate (200) is determined (606, 706). The first digital certificate (200) is then processed (608, 708) responsive to the status of the second digital certificate (200).
The present invention is particularly advantageous because information (216) concerning related digital certificates (200) is securely recorded on the digital certificate (200) itself. Hence, users (108) of the digital certificate (200) can determine the relationship of the digital certificate (200) to the other digital certificates (200) and can tailor their actions accordingly.